Transient storage devices, such as USB flash drives, pose a security risk because they can be easily lost or stolen. In general, the stored data is inherently unprotected and therefore accessible. Device manufacturers and software developers have offered a number of software-based and hardware-based solutions to this problem; however, they are generally inadequate and thus not widely used.
The drawbacks to software-based solutions result from weaknesses in software-based encryption and access control. Software-based encryption and access control are based upon platform-specific software, which limits the portability of the device to other platforms. Further, software-based encryption can overwhelm devices with limited processing power. Significantly, software-encrypted data suffers from degraded security, because software encryption cannot protect data from offline brute-force decryption.
Current hardware-based solutions are unable to provide device side protection on a per-file basis, as a result of host file system dependencies. For example, a user cannot hardware encrypt or hardware write protect individual files. What is needed is a mechanism for providing device-side (hardware-based) file level protection, which can be applied to various host file systems in a generic manner, including on a per-file basis.